REMARKS 

Reconsideration of the application in view of the following remarks is 
respectfully requested. No claims have been added, cancelled, or amended. Thus, 
Claims 1, 3-17, and 19-32 are currently pending in the application. 



Claim Rejections - 35 U.S.C. § 103(a) 

Claims 3 and 19 stand objected to as being dependent upon a rejected base claim, 
but would be allowable if rewritten in independent form. 

Claims 1, 4-17, and 20-32 stand rejected under 35 U.S.C. § 103(a) as allegedly 
being anticipated by U.S. Patent No. 5,842,002 issued to Schnurer et al. ("Schnurer") in 
view of U.S. Patent No. 6,357,008 issued to Nachenberg ("Nachenberg"). 

Applicant respectfully traverses. 



Independent Claim 1 

With regard to independent Claim 1, there is recited: 

A computer-implemented method for executing an untrusted program, 
comprising: 

establishing a limited environment within a general environment, wherein 
said limited environment comprises at least one mock resource, wherein said 
general environment comprises at least one real resource, wherein said limited 
environment and said general environment are both provided by the same 
operating system, and wherein programs executing within said limited 
environment cannot access the one or more real resources in said general 
environment; 

executing at least a portion of an untrusted program within said limited 
environment; and 

examining said limited environment after execution of at least said portion 
of said untrusted program to check for undesirable behavior exhibited by said 
untrusted program (emphasis added). 

The approach of Claim 1 

Claim 1 provides an advantageous method for executing an untrusted program. 
According to Claim 1, a computer-implemented method establishes a limited 
environment within a general environment. The general environment comprises one or 
more real resources, while the limited environment comprises one or more mock 
resources. The general environment and the limited environment are both provided by 
the same operating system. Programs executed within the limited environment cannot 
access the one or more real resources of the general environment. The limited 
environment is examined after execution of the untrusted program to check for 
undesirable behavior exhibited by the untrusted program. Advantageously, the behavior 
of the untrusted program may be verified without putting the real resources in the general 
environment at risk. 

General Environment and Limited Environment as claimed are not shown 
by Schnurer 

Schnurer is cited to show several features of Claim 1. The portion of Schnurer 
cited to show a limited environment discusses virus trapping device 10 or emulation box 
48 residing on virus trapping device 10. The portion of Schnurer cited to show a general 
environment discusses another computer being protected by virus trapping device 10, 
such as file server 42 or nodes 32. As is made clear in Schnurer, the general environment 
and the limited environment are implemented on different physical machines. Each 
physical machine runs a separate operating system. That being the case, it is clear that 
Schnurer does not disclose or suggest, "wherein said limited environment and said 
general environment are both provided by the same operating system," as recited in 
Claim 1. Indeed, the Office Action acknowledges, "Schnurer does not specifically teach 
wherein said limited environment and said general environment are both provided by the 
same operating system." 

In view of the deficiencies of Schnurer, the Office Action relies upon Nachenberg 
to show this feature by stating: 

Nachenberg teaches an antivirus program that includes a decryption, 
exploration and evaluation phases/modules causing a CPU emulator with 
virtual memory to simulate untrusted programs/instructions [Nachenburg, 
col. 1, lines 16-20; col. 5, lines 27-40; col. 6, lines 52-58; col. 7, line 31 - 
col. 8, line 47]. 

The Office Action alleges that "it would have been obvious to one of ordinary 
skill in the art at the time the invention was made to have combined the teaching of 
Schnurer with the teaching of Nachenberg by implementing the limited environment in 
the same machine as the general environment if the limited environment is limited to 
protect a specific machine and to have an operating system within the machine providing 
both environments for the same reason." Applicant respectfully submits that this is in 
error, as Schnurer expressly, and in very clear, colorful, and emphatic language, teaches 
away from just such a combination. 

Combination of the references would destroy Schnurer 

The Examiner's suggestion of having a single operating system provide both the 
general environment and the limited environment in Schnurer would destroy Schnurer. 
Schnurer states: 

"The inventors recognize that it can be done without a transplatform, but it 
will be slow and absolutely unsafe. The use of a foreign operating system 
can be likened to the use of lead walls and glass walls and mechanical 
arms used by people manipulating radioactive materials in a lab. While it 
is certainly possible to pick up radioactivity with one's bare hands, it is not 
highly recommended or is it safe. While the invention can be had without 
the use of a foreign operating system, it is not highly recommended nor is 
it safe" (Col. 4, line 63 - Col. 5, line 5). 

"The use of a foreign operating system guarantees the invention a high 
degree of safety and impenetrability. While the inventors recognize that 
such invention can be built without the use of a foreign operating system, 
such a version of the invention would lack any credible degree of security. 
In addition, without the use of a foreign operating system the invention 
itself risks contamination." (Col. 4, lines 11-17). 

Thus, Schnurer strongly teaches away from having a single operating system 
providing anything analogous to both the general environment and the limited 
environment. Schnurer teaches that, while it is possible to do so, not using a foreign 
operating system is "not highly recommended nor is it safe." One skilled in the art, 
having read the portion of Schnurer quoted above, would have been highly motivated to 
not have both the limited environment and the general environment provided by the same 
operating system. 

Moreover, Schnurer teaches, "without the use of a foreign operating system the 
invention itself risks contamination" and would be "absolutely unsafe." As a result, any 
advantage provided by the teachings of Schnurer would be lost if a foreign operating 
system is not used. Consequently, Schnurer would be destroyed if the Examiner's 
suggestion were to be carried out. 

As explained above, Schnurer and Nachenberg cannot be properly combined as 
suggested by the Examiner to support the rejection based on 35 U.S.C. § 103(a) of Claim 
1. Consequently, Claim 1 is patentable over the cited art and is in condition for 
allowance. 

Claims 3-17 and 19-32 

Claims 3-16 are dependent claims, each of which depends (directly or indirectly) 
from Claim 1. Each of Claims 3-16 is therefore allowable for at least the reasons given 
above with respect to Claim 1. In addition, each of Claims 3-16 introduces one or more 
additional limitations that independently render it patentable. Due to the fundamental 
differences already identified, to expedite the positive resolution of this case, a separate 
discussion of the limitations of Claims 3-16 is not included at this time. The Applicant 
reserves the right to further point out the differences between the cited art and the novel 
features recited in the dependent claims at a later time. 

Claims 17 and 19-32 include limitations similar to Claims 1 and 3-16 respectively, 
except in the context of computer-readable media. It is therefore respectfully submitted 
that Claims 17 and 19-32 are patentable over Schnurer for at least the reasons given 
above with respect to Claims 1 and 3-16. 

CONCLUSION 

For the reasons given above, the Applicant submits that the pending claims are 
patentable over the art of record, including the art cited but not applied. Accordingly, 
allowance of all pending claims is respectfully solicited. 

The Examiner is invited to telephone the undersigned at (408) 414-1225 to 
discuss any issue that may advance prosecution. 

No fee is believed to be due specifically in connection with this Reply. The 
Commissioner is authorized to charge any fee that may be due in connection with this 
Reply to our Deposit Account No. 50-1302. 

Respectfully submitted, 

HICKMAN PALERMO TRUONG & BECKER LLP 



Dated: May 4, 2006 




Christophers Brokaw 
Reg. No. 45,620 



2055 Gateway Place, Suite 550 
San Jose, California 95110-1089 
Telephone No.: (408) 414-1080 ext. 225 
Facsimile No.: (408) 414-1076 